The recent disclosure of the SolarWinds Orion supply chain attack is just the latest widespread vulnerability that has targeted clients across the globe. This issue is still in the early stages of analysis by the cybersecurity community, and RSM is actively monitoring the situation and providing updated information on our War Room blog ... READ MORE
Blog
SolarWinds Orion Supply Chain Attack
On December 13, 2020, FireEye reported a major intrusion into several high-visibility targets stemming from malicious code inserted into SolarWinds Orion software update packages. An external nation-state-level threat actor compromised the network of the SolarWinds IT management software company, allowing them to insert their own code into legitimate digitally signed update ... READ MORE
FireEye Intrusion – Red Team Tools Stolen
There is a saying in the security community that it is not if an organization will suffer a cybersecurity event but when. Current events prove that this statement stands true even for sophisticated security firms such as FireEye. We are closely monitoring the situation and wanted to share our perspective at this point. I share the opinion of at least a few of my peers who ... READ MORE
Vulnerability scanning your Android apps
A lesser known feature of the Mobile Secuirty Framework scanner MobSF from 'https://opensecurity.in/' is its ability to quickly scan a folder of APK files. This isn't normally something most users would need if they were only targeting a single app but if you're trying to assess the security of a device you might find it necessary to look at every piece of software, from the ... READ MORE
Mobile Apps – Testing WebView
Mobile application testing has progressed significantly over the past few years. Whereas the early days of mobile security were more or less a wild west, efforts such as the Mobile Top 10 and testing guide from OWASP and courses like SANS 575 have helped to standardize both methodologies and expectations for testing. Tools like MobSF and expanded support in Metasploit and ... READ MORE
2020 Attack Vectors Report – Internal Pentesting
Our team has collected two years worth of internal penetration testing data to put together a white paper covering our most frequent footholds that lead to full network compromises. The data clearly shows that passwords and patching continue to be a significant problem. Nearly half of all compromises achieved by RSM's testing team between 2018 and 2020 were a direct result ... READ MORE
Distributed Security: Advancements in IT Governance using Multi-Party Computation (MPC)
Imagine never having to remember a password again. To some this might sound crazy, but by combining time-tested cryptography and new technological advancements, this far-fetched proposition is possible. Multi-party computation (MPC) protocols allow users to eliminate the need to remember passwords and potentially much more while simultaneously enhancing data security. MPC works ... READ MORE
Building a Vulnerable Box – HTML5 VPN Portal
Years ago, I wrote a series of posts covering the basics of building and exploiting vulnerable machines for learning purposes. With my two most recent posts covering virtual labs, it seems like an appropriate time to revisit the topic. I've used the misconfiguration I'm going to cover in this article on several Capture the Flag events and mock pentests over the years. It ... READ MORE
Building a Lab Network – Faux Corporate Networks
Last month, I mentioned the possibility of setting up a second virtual firewall in a lab environment to simulate a corporate network with mock internal and external spaces. I frequently do this for CTFs, student pentesting projects, and more. Offensive security training is rapidly moving towards realistic environments. Organizations like HackTheBox which historically have ... READ MORE
SAP RECON CVE-2020-6287
On July 13, 2020, SAP software released a patch impacting the SAP NetWeaver Application Server Java versions 7.5 and earlier. The vulnerability dubbed RECON (Remotely Exploitable Code on NetWeaver) Specifically targets SAP NetWeaver Java while Advanced Business Application Programming (ABAP) stack systems remain unaffected. This vulnerability is operating system (OS) and ... READ MORE